LANCOM Support Knowledgebase Document No. 1906.1710.2240.RHOO - V2.60

How to remove the warning message about the insecure certificate when accessing the LANCOM R&S®Unified Firewall via the web interface



Description:

Accessing the web configuration interface of a LANCOM R&S®Unified Firewall usually prompts a warning about an insecure certificate because its is self-signed by the firewall and therefore not from a trusted certificate authority (CA) known to the browser.

This document describes how this warning can be removed.


Requirements:
  • Web browser


Procedure:

1) Log in to the firewall’s web interface with administrator rights.

2) Open the menu item Certificates management -> Certificates and click the “+” button.


  • In the drop-down menu “Type” of the window displayed at top left, select the option “CA for VPN/Webserver certificates”.
  • In the field “Private key”, select the value 4096 bits.
  • Enter a common name of your choice (e.g. LANCOM CA).
  • Set any private key password.



3) Now click on the Create button.

4) Now click the “+” button again.
  • In the drop-down menu “Type” of the window displayed at top left, select the option “Webserver certificate /UA client”.
  • Set the “Signing CA” to the CA from step 2.
  • In the field “Private key”, select the value 4096 bits.
  • Enter a common name of your choice (e.g. “WebGUI certificate”).
  • In the fields CA password and Private key password, enter the password set in step 2.
  • In the field “Subject Alternative Name (SAN)”, enter at least the IP address of the management interface, e.g. 192.168.1.254. If you access the firewall via other interfaces, you can also specify these here.


5) Now click on the Create button.

6) Export the CA certificate created in step 2 as *.pem file.



7) After saving, rename this file to a *.crt file. Double-click to install the certificate in your Windows operating system.
    It is important that you install the certificate in the “Trusted Root CAs” store.

8) In the configuration interface of the Firewall, switch to the menu Firewall access -> Web client settings.

9) Select the web client certificate “WebGUI certificate” created in step 4.



10) Then restart your Windows operating system.

Catchwords: firewall; uf; certificate; CA
Please review this document! This document was helpful This document was not helpful